PT-2022-16828 · Ezviz · Ezviz Cs-C6N-A0-1C2Wfr-Mul
Bitdefender Labs
·
Published
2022-09-15
·
Updated
2022-09-19
·
CVE-2022-2472
CVSS v3.1
7.6
High
| Vector | AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428
Description
The issue is related to an Improper Initialization vulnerability in the local server component, allowing a local attacker to read the contents of the memory space containing the encrypted admin password.
Recommendations
For EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428, update to version 5.3.0 build 220428 or later to resolve the issue. As a temporary workaround, consider restricting access to the local server component to minimize the risk of exploitation.
Fix
Improper Initialization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ezviz Cs-C6N-A0-1C2Wfr-Mul